Classification
The Classification class provides the "name" of an alert, or other information allowing the manager to determine what it is. This name is chosen by the alert provider.
digraph Classification { graph [bb="0,0,438,113", rankdir=LR ]; node [label="\N"]; Classification [height=0.98611, label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#92765a" HREF="/idmef_parser/IDMEFv1/Classification.html" TITLE="The Classification class provides the "name" of an alert, or other information allowing the manager to determine what it is. This name is chosen by the alert provider. "><FONT FACE="Nimbus Sans L">Classification</FONT></td> </tr>" %<tr><td BGCOLOR="#b79370" HREF="/idmef_parser/IDMEFv1/Classification.html" TITLE="A unique identifier for this classification; see Section 3.2.9."><FONT FACE="Nimbus Sans L">[STRING] ident (Optional)</FONT></td></tr>%<tr><td BGCOLOR="#b79370" HREF="/idmef_parser/IDMEFv1/Classification.html" TITLE="A vendor-provided string identifying the Alert message."><FONT FACE="Nimbus Sans L">[STRING] text (Required)</FONT></td></tr>%</table>>, pos="89,56.5", shape=plaintext, width=2.4722]; Reference [height=1.5694, label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#92765a" HREF="/idmef_parser/IDMEFv1/Reference.html" TITLE="The Reference class provides the "name" of an alert, or other information allowing the manager to determine what it is. "><FONT FACE="Nimbus Sans L">Reference</FONT></td> </tr>" %<tr><td BGCOLOR="#b79370" HREF="/idmef_parser/IDMEFv1/Reference.html" TITLE="The name of the alert, from one of the origins listed below."><FONT FACE="Nimbus Sans L">[STRING] name (Required)</FONT></td></tr>%<tr><td BGCOLOR="#b79370" HREF="/idmef_parser/IDMEFv1/Reference.html" TITLE="A URL at which the manager (or the human operator of the manager) can find additional information about the alert. The document pointed to by the URL may include an in-depth description of the attack, appropriate countermeasures, or other information deemed relevant by the vendor."><FONT FACE="Nimbus Sans L">[STRING] url (Required)</FONT></td></tr>%<tr><td BGCOLOR="#b79370" HREF="/idmef_parser/IDMEFv1/Reference.html" TITLE="The source from which the name of the alert originates. The permitted values for this attribute are shown below. The default value is "unknown". (See also Section 10.)"><FONT FACE="Nimbus Sans L">[ENUM] origin (Required)</FONT></td></tr>%<tr><td BGCOLOR="#b79370" HREF="/idmef_parser/IDMEFv1/Reference.html" TITLE="The meaning of the reference, as understood by the alert provider. This field is only valid if the value of the <origin> attribute is set to "vendor-specific" or "user-specific"."><FONT FACE="Nimbus Sans L">[STRING] meaning (Optional)</FONT></td></tr>%</table>>, pos="337.5,56.5", shape=plaintext, width=2.7917]; Classification -> Reference [label="0..*", lp="207.5,64", pos="e,236.86,56.5 178.01,56.5 193.81,56.5 210.44,56.5 226.76,56.5"]; }
Aggregates
Reference (0..*)
Information about the message, pointing to external documentation sites, that will provide background information about the alert.
Attributes
ident (Optional)
A unique identifier for this classification; see Section 3.2.9.
text (Required)
A vendor-provided string identifying the Alert message.